WLC 2504 - Issue with using Microsoft NPS for Radius Management Login

Hello,
In our environment we like to have our network admins and engineers use their Active Directory credentials when logging into devices so we can log who logged into which devices and if any changes were made. To do this we use a Server 2008 R2 NPS server with all our routers, switches and ASA's. We recently purchased a WLC to begin adding wireless to our environment. (See WLC_Radius_Config.png and NPS_Radius_Config.png)
On the WLC, I am able to authenticate in using my AD credentials but when I go to apply any config changes I get a message saying "Authorization Failed. No sufficient privileges." (See error.png) I have a feeling I am missing something small but this is very important to us.
I checked the Radius server and there are no login errors or NPS errors pointing to the WLC logins. Has anyone else run into this issue or know what I can do to solve it? 
Thanks,

Hi Kyujin,
I wish I had finished my guide.  Didn't realize it would take this long.
But what I meant is that when adding the attributes to my NPS (Microsoft's Network Policy Server) I only had to add the role and virtual domain if using Prime Infrastructure.
If you use NCS, you have to add the role, all the tasks, and the virtual domain.
See the screenshots and see if that helps explain it.  Not sure how TACACS will work as I'm not familiar with it.
Microsoft NPS - Attributes for NCS
Microsoft NPS - Attributes for PI

Similar Messages

  • Any issues with using LDAP on LINUX for GRC 5.2 UME?

    Our company is converting our LDAP servers from AIX to LINUX.  The DNS name used in our UME connection should not change.  Are there any issues with using LDAP on LINUX?  We are currently on GRC 5.2 SP9 (in the middle of upgrading to SP12).
    Also, I have been trying to connect our test UME system to a test LDAP box that has already been converted to LINUX but keep getting a 'connection failed' error when I try to test it. 
    Do you have to reboot the server to test changing the LDAP connections?  I've been trying it by going into UME, pulling up the LDAP tab, hitting the Modify button, entering the new userid and password for test LDAP, and hitting the Test Connection button.  I've verified that this userid and password is correct for test LDAP.
    Is there a way to get more information about why the connection failed?
    Thanks.

    I've been told by our LDAP Support group that none of the other configuration settings should have to be changed.  I should only have to change the id and password to connect to a test version of LDAP instead of our regular connection to the production LDAP.
    Can you test a connection for a different userid/password without having to reboot/restart the server?  Do I need to change these two settings, save then, reboot/restart, and then do the Test Connection button?
    Thanks.

  • Directory Caching issue with Cisco Jabber client for Windows

    Hi ,
    I am facing cache issue with Cisco Jabber client for Windows. If I do any change related to modification or deletion of contacts in Active Directory/ Callmanager, it does not reflect in the Jabber. Because jabber takes the contacts from the locally stored cache file in the Windows system.
    Every time I have to remove the cache file to overcome this issue, practically it's not possible to do the same with all the Widows users. As, if any employee leaves the company and still I can see his contact appears in the "Cisco Jabber client". I have not seen this issue with Android/Apple iOS.
    Is there any automated way to remove the cache file? 
    Here is the detail of CUCM,Presence and Jabber.
    CUCM version: 9.1.x
    Presence          : 9.1.X
    Jabber              : 10.5 and 10.6

    Hello
    On our environment we had to install a dedicated Microsoft Certificate Authority "just for Cisco Jabber usage" to house the
    Network Device Enrollment Service.
    Our certificate for the CUPS were generated on this Certification Authority too.
    I discussed this certificate matter with my colleagues this afternoon and nobody seems to remember how these certificates were deployed into the
    Enterprise Trust store for the users.
    But I think they asked all 400 users to accept the 3 certificates by answering "yes" to the popup instead of using a script deployed by GPO...
    I wish you success with that deployment and really hope you have a technical partner that *Knows* this subject.
    Our partner left us alone with that unfortunately.
    Florent
    EDIT: If the "Certutil script method" works, please let me know. This could be useful in our own deployment.

  • Issues with using relative links in Captivate 8

    Is anyone else having issues with using relative links in Captivate 8?  These links all used to work in the previous version of Captivate. And I could have sworn this was fixed already once in Captivate 8 but it's popping up again for us. Here is the situation... We have courses that are made up of multiple lessons which as separate Captivate files. Within those lessons are buttons to link to external documents (which live in a shared document folder), demonstrations, etc.  We use relative links because we post these to our amazon servers and we also sell them to clients where they can post them on their own web servers or in their LMS.  SO we can't put in full paths for the links or we'd have to change them constantly.  So an example is that the link for a button might be "../Document/nameofdoc.pdf"  This would be going to a user guide or something that is posted in the "Document" folder that lives at the same level as the lesson's folder. But now, all of the sudden, none of our bazillion links is working. And I've tried buttons, hyperlinks, and even the old click box. Nothing works with relative links. And I did check the permissions on every file and folder on our Amazon server to verify nothing changed there as well.   Any suggestions?

    I have the same issue with relative links using Captivate 8.  I am trying to load Captivate modules into an LMS using relative links to document files within the LMS.  The links work fine during a site page test so not an issue in the LMS, but from the Captivate module they aren't working....
    Help?

  • Issues with using the output redirection character with newer NXOS versions?

    Has anyone seen any issues with using the output redirection character with newer NXOS versions?
    Am receiving "Error 0x40870004 while copying."
    Simply copying a file from bootflash to tftp is ok.
    This occurs for both 3CDaemon and Tftpd32 softwares.
    Have tried it on multiple switches - same issue.
    Any known bugs?
    thanks!
    The following is an example of bad (NXOS4.1.1b) and good (SANOS3.2.1a)
    MDS2# sho ver | inc system
      system:    version 4.1(1b)
      system image file is:    bootflash:///m9200-s2ek9-mz.4.1.1b.bin
      system compile time:     10/7/2008 13:00:00 [10/11/2008 09:52:55]
    MDS2# sh int br > tftp://10.73.54.194
    Trying to connect to tftp server......
    Connection to server Established. Copying Started.....
    TFTP put operation failed:Access violation
    Error 0x40870004 while copying tftp://10.73.54.194/
    MDS2# copy bootflash:cpu_logfile tftp://10.73.54.194
    Trying to connect to tftp server......
    Connection to server Established. Copying Started.....
    |
    TFTP put operation was successful
    MDS2#
    ck-ci9216-001# sho ver | inc system
      system:    version 3.2(1a)
      system image file is:    bootflash:/m9200-ek9-mz.3.2.1a.bin
      system compile time:     9/25/2007 18:00:00 [10/06/2007 06:46:51]
    ck-ci9216-001# sh int br > tftp://10.73.54.194
    Trying to connect to tftp server......
    |
    TFTP put operation was successful

    Please check with new version of TFTPD 32 server. The error may be due to older version of TFPT server, the new version available solved this error. Files are getting uploaded with no issues.
    1. Download tftpd32b.zip from:
    http://tftpd32.jounin.net/tftpd32_download.html
    2. Copy the tftpd32b.zip file into an empty directory and extract it.
    3. Copy the file you want to transver into the directory containing tftpd32.exe.
    4. Run tftpd32.exe from that directory. The "Base Directory" field should show the path to the directory containing the file you want to transfer.
    At this point, the tftpserver is ready to begin serving files. As devices request files, the main tftpd32 window will log the requests.
    Best Regards...

  • I lost my ability to use Microsoft Offic for Mac, when I upgraded my MAC from Snow Leopard to Mountain Lion! HELP!

    HELP !
    After I upgraded my operating system on my mac, (from  Snow Leopard (10.6 ? ) to Mountain Lion (10.8.2), virtually ALL of my documents (recipes, update logs, information of untold things), have been denied to me with my Microsoft Word for Mac (which I have used since I purchased my mac in Aug.2008).
          I now get a window that tells me "You can't open the application "Microsoft Word" because PowerPC applications are no longer supported." (Needless to say, I cannot use Excel or anything else, either!)
          Yet, I can still access them, fully (read and even print fro them), individually, by dragging a file into my PREVIEW program!
          What gives?
          I am not a savvy programmer, nor do I confess to somehow being warned that this might happen when I upgraded my operating system.
         Is there any reasonable (easier?) way to continue the use of these (to me) very important files? I only upgraded because I upgraded my iPhone to a 4S and wanted everything to conform to  siimilar circumstances!
         What can I DO?

    You need to upgrade your copy of MS Office. You're using a version that is 8 years old (at least). You can buy Office 2011, which will work. You could also get a copy of Pages from the App Store, which is cheaper and will open Word files (though not perfectly). Or you could get a free Office clone, like OpenOffice or LibreOffice.

  • HR ABAP: Issue with using 'nocommit' parameter on FM HR_INFOTYPE_OPERATION

    Issue with using nocommit parameter on FM HR_INFOTYPE_OPERATION:
    My client has a requirement to create the following 4 infotypes in sequence in a LUW, i.e either all are created or none is created.
    9045   (custom infotype)
    0045
    0078
    0015
    I tried to use the nocommit parameter on FM HR_INFOTYPE_OPERATION to insert the 4 infotypes
    in a nocoomit mode and then at the end I have issued
    'Commit Work', but to my surprise only I/T 0015 is created in the database and the first three (9045, 0045 and 0078) did not make it to database.
    I searched many threads on SDN but could not find a solution.
    Please let me know if there could be any solution to implement the LUW.
    YOur inputs will be appreciated.

    Hi ,
    i think u can also try with this FM HR_MAINTAIN_MASTERDATA , see its documentations.
    no commit works like a simulation mode , what u can do is  ,
    call FM for all Infotypes and collect all error msgs if any , then finally call FM for all infotypes again without passing nocommit work ( i.e space).
    regards
    prabhu

  • Performance issue with using buffering in a APPL0 or APPL1 Table

    Hi,
    Can anyone please tell me whether there's any serious performace issue with using buffering for a Master or Transaction table? I'm asking this because when I run code inspector for my transp table I'm getting information message:
    Message Code 0011 ==> Buffereing is Activated but Delivery Class Is "A" and Message Code 0014 ==> Buffereing is Activated but Data Class Is "APPL1".
    So what's other way round for improving performance.
    Thanks,
    Mahesh M.S.

    Hi,
    have you read the documentation?
    Let me paste it here for you:
    Buffering is switched on for the examined table and it has data type 'APPL0' or 'APPL1'.
    Tables with data type 'APPL0' or 'APPL1' should contain master or transaction data, so these tables should either contain a large amount of data or their content should change frequently. Therefore buffering the table is unfavourable. Very large tables suppress other tables in the buffer memory and hence slow done any access to them. Transaction data should not be buffered because the synchronization of the changes on the various application servers is very time consuming.
    In exceptional cases, small master data tables ('APPL0', size category 0) can be buffered.
    The solution depends on the table content. If it is master or transaction data, the table should not be buffered. If the table content does not consist of master or transaction data, the data type should be corrected accordingly.
    This should answer your questions...
    Kind regards,
    Hermann

  • Can I use Microsoft Office for Student/Home for school?

    This might not be the right forum to ask this question, but I didn't see any other options listed that dealt specifically with Microsoft Office.
    I have to take a class for school that deals with using Microsoft Office Professional 2013. I have a Mac Book Pro Retina so obviously I can't use Microsoft Office Professional 2013. I have Microsoft Office for Student/Home, and according to the Microsoft website, the only difference is that the Home/Student edition doesn't include Outlook emails, calendars and tasks, although I have all three of those programs on my computer.
    I contacted my professor for this upcoming class and received no response yet.
    Can I get away with using this program? Or am I really expected to buy an entirely new program for one semester of school?
    Any input is appreciated. Thanks in advance!

    mmcc886 wrote:
    I contacted my professor for this upcoming class and received no response yet.
    When he (professor) responds, it will be a definitive answer.  No one here can provide that for you.
    Ciao.

  • Issue with Audit Vault Collector for Peoplesoft-MS Sql Server

    Experts,
    Requesting your valuable inputs regarding below issue :
    Environment:
    - Peoplesoft with SQL Server 2008
    - Oracle Audit Vault.
    Current issue with Audit Vault collector for SQL server is that it is not giving PSFT login ID instead it is giving Peoplesoft DB service Account ID.
    Is this expected ?. If yes, what is the workaround ? Can Database Firewall is a best option to capture PSFT login ID ?
    Thanks

    Hi Rabi ,
      just do one think here ..
    During data source creation , in the Additional tab area , in the SQL Engine session , select "Vendor SQL"  instead of "Open SQL".
    HOw could u create data source without selecting the driver corrsponding to MS SQL.?
    it is recommended to download the latest Driver and use this for Driver creation.
    let me know ..
                                       Regards
                                       Kishor Gopinathan

  • I am using microsoft outlook for email in firefox. When I select the envelope for email it takes me to a mailto window in outlook which I have to close.

    I am using microsoft outlook for email on latest version of firefox. In the applications window the only selection for outlook is mailto. When I select the envelope it takes me to outlook, however the first page is a mailto page with a link to my home page. I have to close that and get to my email page. How can I skip the mailto and go right to the outlook inbox page? Thank you.

    I may have made a mistaken assumption that you were using Outlook.com (online webmail). If you are using Microsoft Office Outlook, then you actually would need an add-on to put a button for that program on the toolbar. I'm not sure if there is one specific to Outlook, but there is an extension named Custom Buttons that can be tweaked to do a wide range of things.
    * https://addons.mozilla.org/firefox/addon/custom-buttons/
    * forum for getting help with the add-on: http://custombuttons.sourceforge.net/forum/
    But... I 'm not sure it's worth the effort because you usually can switch between Firefox and Outlook pretty quickly using the Windows Task Bar or Alt+Tab (keep holding Alt after you release Tab to see all the open windows and then Tab to the one you want).

  • I am trying to use Microsoft Office for Mac 2011

    I am trying to use Microsoft Office for Mac 2011 as my daughters school uses it (on PC's). However, it won't save any documents. It gives me the message that; it is not a valid file name, check the path to make sure it was typed correctly and select a file from the list of files and folders. All of which I think I have tried and there is just no success. It has just completely lost my daughters homework essay so it is not very popular around here at the moment! Anyone with any ideas for this glitch (?).

    Doesn't sound like Office for Mac. In any case post in the Microsoft forums:
    http://www.microsoft.com/mac/support

  • Can I Design a Forum with using web dynpro for java?

    Hi All:
        Can i design a forum with using web dynpro for java?
        I want to design an application like a simple forum which maybe has many replies.So if i use
    the UI technology "web dynpro for java", i will to create UI elements dynamically.How can i control this
    dynamical UI elements to keep layout ?

    Hi,
    yes you can do that....
    for exaple if you observe SDN...
    you can imagine like....
    A big Transparent Container(TC)....
    Inside that number of other TCs(depending upon the question nd its replies...)....
    In side each TC, again around 9 UIElements....
    one for menioning what is the question/reply?
    other for your description of question/reply...
    other for your name,
    displaing your fourm point... etc...
    So it will be
    for(loop till your (Question+No of replies))
    Create Transparent Container....
    Add Childs to the Container...
    Decide your layout....
    In case if you want to know how to create UIElements dynamically....
    http://help.sap.com/saphelp_nw04/helpdata/en/4f/07cf3dd28b5610e10000000a114084/frameset.htm
    https://www.sdn.sap.com/irj/sdn/wiki?path=/display/wdjava/dynamic%2bui%2bgeneration
    Regards,
    Srinivas.
    Regards,
    Srinivas.

  • Reg : I am getting an error while Using MicroSoft ODBC For Oracle Driver

    I am Using MicroSoft ODBC For Oracle Driver  for JDBC. Why i am using this driver is i could not able to get  the arabic content if i use the other driver  .I Right now i cannot change the NLS Lang because its a production server    also it has around 300 gb of data  and i can not take risk now by changing the NLS lang.. coming to the below error .i could able to access my data up to 4 Hours after that i am getting this error.If i restart my tomcat i can use my application  one more 4 hrs  .Please get back to me if u have any solution.Its very very helpful to me......+*
    [java.sql.SQLException] [ Microsoft ODBC for Oracle ]
    at sun.jdbc.odbc.JdbcOdbc.createSQLException(JdbcOdbc.java:6957)
    at sun.jdbc.odbc.JdbcOdbc.standardError(JdbcOdbc.java:7114)
    at sun.jdbc.odbc.JdbcOdbc.SQLDriverConnect(JdbcOdbc.java:3073)
    at sun.jdbc.odbc.JdbcOdbcConnection.initialize(JdbcOdbcConnection.java:3
    23)
    at sun.jdbc.odbc.JdbcOdbcDriver.connect(JdbcOdbcDriver.java:174)
    at java.sql.DriverManager.getConnection(DriverManager.java:582)
    at java.sql.DriverManager.getConnection(DriverManager.java:185)
    at com.iton.eoffice.DatabaseBean.connecteOfficeMoEnq(DatabaseBean.java:4
    60)
    at org.apache.jsp.MhewProfilesearchMoEnq_jsp._jspService(MhewProfilesear
    chMoEnq_jsp.java:434)
    at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:98)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
    at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper
    .java:384)
    at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:3
    20)
    at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
    icationFilterChain.java:290)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
    ilterChain.java:206)
    at com.iton.eoffice.tree.CharacterEncodingFilter.doFilter(CharacterEncod
    ingFilter.java:63)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
    icationFilterChain.java:235)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
    ilterChain.java:206)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
    alve.java:228)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
    alve.java:175)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
    ava:128)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
    ava:104)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
    ve.java:109)
    at org.apache.catalina.ha.tcp.ReplicationValve.invoke(ReplicationValve.j
    ava:347)
    at org.apache.catalina.ha.session.JvmRouteBinderValve.invoke(JvmRouteBin
    derValve.java:209)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
    a:212)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java
    :844)
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.proce
    ss(Http11Protocol.java:634)
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:44
    5)
    at java.lang.Thread.run(Thread.java:619)
    ------------1234-----------
    java.lang.NullPointerException
    at com.iton.eoffice.DatabaseBean.getSQLRows(DatabaseBean.java:764)
    at org.apache.jsp.MhewProfilesearchMoEnq_jsp._jspService(MhewProfilesear
    chMoEnq_jsp.java:435)
    at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:98)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
    at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper
    .java:384)
    at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:3
    20)
    at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
    icationFilterChain.java:290)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
    ilterChain.java:206)
    at com.iton.eoffice.tree.CharacterEncodingFilter.doFilter(CharacterEncod
    ingFilter.java:63)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl

    <BLOCKQUOTE><font size="1" face="Verdana, Arial, Helvetica">quote:</font><HR>Originally posted by sreenivas navuluri:
    Oracle(tm)Client and networking components not found. These components are supplied by Oracle Corporation and part of Oracle Version 7.2 or greater Client software installation. You will be unable to use this driver until these components have been installed . This error occurs while selecting the Microsoft Odbc for Oracle driver from the ODBC in control panel. Pls suggest<HR></BLOCKQUOTE>
    null

  • Error using "Microsoft ODBC for Oracle" driver

    I am trying to connect to Oracle 10g Express Edition from Access 2003 on Windows XP. I created a DSN using "Microsoft ODBC for Oracle" driver. When I try to connect using ADO, I get this error:
    [Microsoft][ODBC Driver Manager] Driver's SQLSetConnectAttr failed
    I googled this error and got a lot of hits but no solution.
    Any help would be greatly appreciated. I am new to Oracle and am coming from SQL Server 2000.
    Thanks a lot!

    This is the connection string I am using:
    Conn1.ConnectionString = "driver={Oracle in XE};Dbq=GMIS_LIVE.WORLD;Uid=Administrator;Pwd=ubs;"
    These are the contents of my tnsnames.ora (what entries do I add to make this work)?
    XE =
    (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = your-a9279112e3)(PORT = 1521))
    (CONNECT_DATA =
    (SERVER = DEDICATED)
    (SERVICE_NAME = XE)
    EXTPROC_CONNECTION_DATA =
    (DESCRIPTION =
    (ADDRESS_LIST =
    (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC_FOR_XE))
    (CONNECT_DATA =
    (SID = PLSExtProc)
    (PRESENTATION = RO)
    ORACLR_CONNECTION_DATA =
    (DESCRIPTION =
    (ADDRESS_LIST =
    (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC_FOR_XE))
    (CONNECT_DATA =
    (SID = CLRExtProc)
    (PRESENTATION = RO)
    )

Maybe you are looking for

  • PDF DocumentCreation Exception error

    Hi Experts,   In my application, I have created one interactive form. While I am trying to deploy the form, I have get the follwoing error. Kindly help regarding this. com.sap.tc.webdynpro.services.exceptions.PDFDocumentCreationException: ../../inowi

  • Set location in Reminders by tap

    Reminders.app allows to notify on location (arriving or leaving). But when location sets it cannot be selected by tap on the map. Only by writing address via search field. Is there app restriction or my iPhone fault?

  • Setting different analog output's parameters in PCI-6229 DAQ card

    Hello, We are using DAQ assistant to set the analog output parameters (frequency). Is it possible to set different values for each channel using DAQ assistant? If not using DAQ assistant, what  is the other way to set it? Thank You Arunas

  • How to attach PDF files to invoice document from ECM.

    Hi Gurus, We have one requirement in that around three million  invoice pdf files are there in ECM system. we need to attach those pdf files(GOS) to  existing invoice document in SAP.as we searched in SCN we found one function module ARCHIVE_CONNECTI

  • Can't watch computer on tv

    I recently purchased a vga to composite adapter so that i could watch movies and shows from my computer to my tv. my tv is not an HDTV and therefore i am unable to use the HDMI port from my computer. And with the cord i got hooked up through the comp